14 matches found
EUVD-2021-10805
Malware in sbrugna...
EUVD-2022-25100
Malicious code in bioql PyPI...
PT-2025-27323 ยท Code Projects ยท Code-Projects Inventory Management System
Name of the Vulnerable Software and Affected Versions: code-projects Inventory Management System version 1.0 Description: A critical vulnerability affects the unknown code of the file /php action/removeProduct.php. The manipulation of the productId argument leads to SQL injection. The attack can ...
๐ ABB Cylon Aspect 3.08.03 productRemovalUpdate.php Remote Code Execution
The ABB BMS/BAS controller suffers from an authenticated blind OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'instance' HTTP POST parameter called by the productRemovalUpdate.php script. The token key POST param needs to be se...
CVE-2022-1824
An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. This could result in the user gaining elevated permissions and being able to execute arbitrary co...
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execu...
CVE-2022-1823
Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin Living off the land attack. This could result in the user gaining elevated permissions and being able to execu...
CVE-2022-1824
McAfee Consumer Product Removal Tool (MCPR) versions prior to 10.4.128 are affected by an uncontrolled search path vulnerability that enables a local user to perform a sideloading attack via a specific filename, potentially gaining elevated privileges and executing arbitrary code due to insuffici...
CVE-2021-23879 Unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and ...
Unquoted service path vulnerability in McAfee Endpoint Product Removal EPR Tool prior to 21.2 allows local administrators to execute arbitrary code, with higher-level privileges, via execution from a compromised folder. The tool did not enforce and protect the execution path. Local admin privileg...
CVE-2021-23879
The CVE-2021-23879 entry describes an unquoted service path vulnerability in McAfee Endpoint Product Removal (EPR) Tool, before version 21.2. The flaw allows local administrators to execute arbitrary code with elevated privileges by placing files in an insecure path where the tool runs, due to th...
Mcafee McAfee Endpoint Product Removal ไปฃ็ ้ฎ้ขๆผๆด
Mcafee McAfee Endpoint Product Removal is an application from the American company McAfee Mcafee. It is used to uninstall McAfee products. McAfee Endpoint Product Removal has a security vulnerability that can be exploited by an attacker to bypass restrictions in order to escalate his privileges...
GeoClassifieds Lite Multiple Vulnerabilities (Sep 2011) - Active Check
GeoClassifieds Lite is prone to multiple SQL injection SQLi and cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
XM Easy Personal FTP Server File/Folder Denial of Service Vulnerability
This host is running XM Easy Personal FTP Server and is prone to Denial of Service Vulnerability. OpenVAS Vulnerability Test $Id: gbxmeasyftpdircreatedosvuln.nasl 4970 2017-01-09 15:00:59Z teissa $ XM Easy Personal FTP Server File/Folder Denial of Service Vulnerability Authors: Sujit Ghosal...
Apple Safari RSS Feed Information Disclosure Vulnerability
The host is running Apple Safari web browser which is prone to remote file access vulnerability. OpenVAS Vulnerability Test $Id: gbapplesafariinfodiscvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Apple Safari RSS Feed Information Disclosure Vulnerability Authors: Nikita MR Copyright: Copyright c...